jump to navigation

Virtual Networking Part 2 – Goals and Considerations December 21, 2011

Posted by audiomatron in Uncategorized.

A bit of pretense first… What I really admire about the virtualization scene is the community of people who are involved in it. Nowhere else have I seen a group of people so dedicated to their craft and who are as willing to offer assistance to those who need guidance than in the virtualization community. Quite often, if you tweet about an issue you are having, and use the right hash tags (like #vSphere), people will come out of the woodwork to help. It was one such interaction that really opened my eyes to the broader possibilities in virtual networking.

I tweeted that I was looking for some info about how to get more redundancy out of my virtual networking setup. Prior to that, I really didn’t have a clue about how to effectively utilize my networking resources. After I tweeted for help, a fellow by the name of Scott Lowe popped up and offered to help (as always, not trying to name drop, just making sure to give credit). I showed him my current setup, and he offered some suggestions on what I could do. It was that little bit of help that served to unlock an understanding of virtual networking that I did not have before (and for which I am eternally grateful). It is in that same vein that I wish to pass on what knowledge I have gained, in hopes that it will be of use to someone who is like I was only a short time ago.

In my previous post on the subject of virtual networking, I promised that this would be where I describe various scenarios based on different numbers of NICs present in an ESXi host. However, as I write this, I have quickly come to realize that the following bit about the goals/broad considerations regarding virtual networking could be a blog article all by itself. Additionally, the scenarios could each stand on their own as separate posts. To avoid turning a blog post into a book, I shall fragment these articles a bit.

Essential Goals for a Good Virtual Network

If I had to narrow down what one should hope to gain out of an effective virtual networking environment to two requirements, it would be these two: Segregation of services and redundancy. In order to obtain the best performance possible out of your virtual network setup, it is best to try to separate the various types of traffic that will travel through your server’s physical network interfaces – LAN traffic, vMotion, management, and storage. However, this should be done with an eye toward redundancy – ensuring that if a physical interface fails, there is another one available for fail over.

The goals of segregation and redundancy can be achieved with varying degrees of success based on how many physical NICs your server contains, and how you choose to distribute these various services. Obviously, the more NICs you have the better. Personally, I’d recommend no less than four NICs in an ESXi host in order to achieve the minimum levels of redundancy and segregation, and ideally, eight would be best. Of course, if you have a DMZ in which you will need virtual servers, you may need even more. However, there are ways of getting by with less, and I shall attempt to give some examples of each scenario. Bear in mind that this is in no way an exhaustive list, and really only reflects my opinion on the matter.

More on Segregation

Ideally, according to everything I’ve read on networking best practices, it is best to keep all of your various types of network traffic separate either physically or via vLANs. This is done both for security reasons and to increase performance. For example, you don’t want traffic like iSCSI, which is very I/O intensive traveling across the same pipes as your LAN traffic. Also, you don’t want users to be on the same network subnet as your management interfaces for your servers as this would pose a security risk.
From a small business perspective, however, a problem I see with this is that quite often, small businesses do not possess or can’t afford the equipment needed to properly implement this kind of design – especially if you just dropped a pile of cash on servers and storage for your virtualization project! . I’ve tried to come up with various ways to implement this approach myself in my own environment, but certain obstacles, such as lack of equipment to route between the different subnets that such an approach would create, has stopped me in my tracks. Furthermore, I have yet to see a small business that keeps their servers on a different subnet from their users.

The only thing that definitely needs to be kept separate is storage traffic. You are more than likely going to be using iSCSI or NFS in a small business virtual infrastructure. These protocols both run over IP networks, and are very I/O intensive. In order to ensure best performance, every measure should be taken to keep this traffic separate from LAN traffic. In my opinion, the best way to do this would be to use a separate gigabit switch (preferably one that supports jumbo frames) to create a private network for storage traffic.

Now that that is out of the way, on to the network scenarios, which as I mentioned earlier, will be in the next post!



1. Mark - February 28, 2012

Excellent Post there. I am attempting to roll out my first Virtual Server (to a client) and an still in two minds about this i.e. just to have SBS2011 installed as normal on the Server OR to virtualize it. Its only 10 users so feel ah…………should be easy.

Now, I have mucked about with ESXi VM’s in my home environment and it is only now that I realise how little it is that I know. Sure I love getting my hands dirty and like yourself love the concept of Virtualization….so thought the only way to learn more is to get stuck in and create a “Live” environment……………..at clients expense! Now there lays the problem. I respect my clients and to use them as a Guinea Pig is a hard call. I feel everything is working on the server but,,,,,,,,,,,,,there are many buts…………. Backups, restoration, Each time I test I get mixed results. Using Acronis vmProtect and still trying to figure it out,

Anyhow, without rabbiting on too much, I stumbled upon your articles and they are very good in giving a base understanding of ESXi 5. I learnt a lot from what you wrote. You mention a simple point

“The only thing that definitely needs to be kept separate is storage traffic.”

I say……….opps, I didn’t think of that “until now” Just goes to show how “little” I know. In turn am wary of rolling this Server out Virtualized……….at end of week. I may end up just giving them a Server without Virtualization until I know a tad more. Having said that I have learn’t an awful lot in the last two weeks. Its such a hard call.

You are right in saying that a lot of the Forums deal with large companies with lots of SAN’s and resources at their disposal. My clients are small and a single Server is often all that is needed. I sometime wonder if there is “any” point at all “Virtualizing” these small offices…………..I then understand that there are benefits…

Keep up the good writing & articles. I’ll certainly read them…………..and perhaps one day it will all fall into place for me i.e getting my head around the Basics.

2. Mark Breaux - April 6, 2012

Why are you trying to virtualize? Can you state some goals and then maybe we can help! 🙂

Mark - April 6, 2012

Why? Good question but I suppose becasue the technology is there so why not. Its time to get stuck in.

Its funny, the more I use it the more I can see many reasons to not actually virtualise. It costs more (ESXI isn’t free and one does need the basic essentials pack), it’s harder to manage i.e. one has to manage the OS and now also the ESXi Host, there is a lot to learn, more things that can go wrong i.e. ESXi is between OS and End User……………just to name a few things.

I can also see the benifits i.e. being able to run more than one OS on a single box, being able to move a VM to another ESXi5 compatible box should there be a hardware failure and so on.
I suppose its this reason I think Virtualisation is great.

For me what do I want to achieve.
– A WIn 2011 SBS environment (Exchange and a FIleserver)
– A WIn2000 Server (redundant and used for access to history)

Site = 10 Users and just require a File/Print Server. Nothing special.

System = HP ML350G6 QP875A E5620(1/2)18GB P410I/51BBWC 300GB(4) SAS 10K (Set to Raid 10)

Backing up to a Netgear Pro2 NAS using Acronis vmProtect7 (as a GFS method). The NAS backups to USB (rotate daily) drive for offsite (X2). Cloud is too slow here in Oz to consider.

I opted to give the SBS2011
CPU Cores = 4 (8 avail)
MEM = 12GB (18GB avail)
HDD = 3 Virtual HDD (80GB OS) (100GB APPS) & (80GB DATA) rather than a single 260GB one and partitioned in three within the OS.
Reason: Allows me to adjust size of each partition where needed rather than managing from within the OS. I have also Thin provisioned the Data Drive as unsure of actual space needed.
Located on local HDD and not stored on iSCSI or NFS.

As Far as the Network Card….well I haven’t change anything there and managed by ESXi Server.

No vmotion in play so didn’t feel it necessary to dedicate a physical card to it.

Just not sure what I should be adjusting and still playing but I do need to deliver soon. Suggestions welcome however above porbably doesn’t tell you much!

lsumarkb - April 7, 2012

No that gave me a lot of information. Yes I think if you are going to run multiple servers I am all for it. You said Oz so does that mean you are in Kansas? What part? I work in Leavenworth KS.

Anyways back to virtual world. I have a couple of concerns and suggestions. I think it might be best to go with two boxes if the budget is there. In any business reliability is key and Business continuity in case of failure is second. Have you bought ESXi yet or still playing? Hyper V (sacrilege I know) is a good alternative because of licensing. See this link below for why. https://msmvps.com/blogs/virtualreality/archive/2009/04/01/hyper-v-licensing-explained.aspx

The only bad part is having to buy exchange separately but really this sounds like a really small business. Wouldn’t hosted exchange or gmail business be better and more cost effective? Not sure of your situation but options none the less.

Ok so after reading that you say “I want to run ESXi” I say ok but why essentials package with only one server? You really don’t get any of the benefits of vcenter and I run standard license so not sure what else you get with essentials other than a vcenter license.

As far as what else to play with? Nothing I can think of because you are only running one host. Not much you can do with it but run multiple hosts. Updating it with patches might be something to try if you haven’t yet. The power cli is the best way to do it with one host and no vcenter. It is pretty straight forward.

I hope this helps and I didn’t miss anything! If I did just ask! I love discussing this stuff.

3. Mark - April 7, 2012

Thanks for the reply. I too could spend hours/days on the topic.

Oz = Australia 
Hyper V = Too late to start learning the ins and outs of this now. Spent the last 4 weeks on ESXi5 so best stick to it. SBS2011 costs nothing as it came pre-installed on Server in turn going HyperV may in fact be more expensive regardless.

Two Boxes = Budget is every tight at the moment, In time have a white box in place for redundancy (need to build a test cheapie as noted below). They are no worse off whether they go stand alone or use ESXi as with way there is only one Server (Box). Going ESXi has the benefit of Hosting the Old Win2000 wthout taking up Floor space.

ESXi Essentials = is the cheapest method to licence ESXi. Around $800 I think?. I need this to be able to use Acronis vmProtect7 ($500) as that won’t run on Free version. I believe this is the same for most Backup Software like Veeam.
Backup: Needs to be done daily and Live. Business is a Hotel so runs 24/7.
Exchange = Comes with SBS2011 so may as well use it. Cheaper than current (POP3) hosting and at least there will be a backup rather than them using .PSTs held on local PC’s which aren’t backed up

Support: This needs to be self sufficient as they don’t have onsite support. I’ll check up on occasion remotely.

Right now am wasting a massive amount of time trying to determine the components required for a Cheapie White Box (for myself) to run ESXi5 with SBS2011. I am so mean don’t want to spend more than around $600!. I need to test running a Replication. SBS2011 is very greedy and needs 64bit, min 12GB RAM and 4cores to even work efficiently! Will need to troll Ebay for parts like Network and Raid.

Any suggestions on White boxes. I was looking at this site for ideas: http://hardforum.com/showthread.php?t=1376255

Not sure why I wrote all of the above and perhaps taking up pages space on this blog………….sorry 🙂

4. lsumarkb - April 9, 2012

Opps sorry i should have known Oz was Australia. Anyways, I understand about Hyper-V vs ESXi. When you get some free time though it might be worth playing with to see how it might function for other small businesses.

As for a white box, I wouldn’t. They usually end up costing you as much as a smart buy from HP or other similiar product from dell or ibm and you have no support but yourself. I can build an SBS compatible box (and ESXi) from HP smart buy for about $3600.


HP likes to try to add in “Care Packs” so just remove those from the cart and add RAM and your HDD choices and you are good to go. My price reflexs 16GB of ram total (so add two 4GB sticks) and 4 72GB SAS 15k drives for a RAID 10. You get 3 years next business day on-site (included in the price) here in the US.

Mark - April 9, 2012

Its only a test PC for me so certainly don’t need another ML350. Too expensive. All good, I’ll grab a little run out special 64bit capable HP workstation with a couple of add ons cards off ebay, Should get away with something under $800

I will indeed try out Hyper-V at some point.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: